amt - neither - I believe you're dealing with the web server userID's $HOME on the remote host (e.g. the web server document root doesn't matter).. and the .ssh dir should be a subdir of that (unless you specify otherwise). And of course that all has to be set up in advance including the authorized_keys portions..
| [reply] |
So you think that I should take a look at the reciever's apache home directory for the authorized_keys?
| [reply] |
amt - to be precise the cgi script makes the connection as the user that your cgi process runs as (ok, usually at least with apache, httpd's user), so you'd have to set up that whole ssh deal first on each remote machine to accept the connection.
Although you can do that, as fglock mentions you're better off with a dedicated user, and also, there are other issues that open up when trying to do this from a cgi involving file/dir permissions and security ..
..usually it's done with sudo, to manage a dedicated remote user's ability to do operations in privileged areas..
if you get it working you'll be juggling with several balls in the air at once!
| [reply] |
.ssh is not visible by default, but you should not
do that anyway - it may be exploitable.
You may have better to set up a user just to handle the
ssh communication.
| [reply] |
Yes, but this propagation function is triggered by a perl script executed by apache as a CGI, so a plain user might not do the trick. I am also writing to /root/etc.
| [reply] |